Skip to main content

Job ID:

Job Category:


Job Type:

Date Posted:

Apply Now >>    
Job Title :
Director, Technology Risk Management
Job ID :
Category :
Information Technology
Location :
Toronto, ON CA
Job Type :
Full Time
Posted On :
Job Description :

Are you looking for unlimited opportunities to develop and succeed?  With work that challenges and makes a difference and a flexible and supportive environment, we can help our customers achieve their dreams and aspirations.
The Group Functions & Investment Division Information Risk Management (GF-IDIRM) team is actively searching for an experienced Director for Technology Risk Management (TRM). 
You will enable your business and IT partners in the Investment Division and Group Functions (Manulife’s Corporate Division) to recognize and manage their information risk in a challenging and dynamic business environment. You’ll participate in key projects and initiatives ensuring information risk is always considered and managed. Your career will flourish with our strong commitment to personal and professional development and growth (including support for attaining and keeping industry designations and certifications). 
You’ll join a vibrant and global information risk management practice and team that works hard to enable and facilitate business while protecting our people and key information assets located in over eighteen countries. This multi-discipline team pulls together a number of specialties forging strong ties between:
  • Information Security and CyberSecurity 
  • Information Protection
  • Business Continuity and Disaster Recovery Management
  • Risk & Control Assessments
  • Vendor Risk Management
  • IT Audit and Compliance support
You’ll be part of a wider IRM community of over 200 information risk professionals. You’ll become a member of a divisional IT team delivering first line of defence risk management globally while protecting cutting edge development environments. You’ll join a world-class company known for its commitment to diversity, community involvement and work-life balance via the WorkSmart program that sees 20% of Manulife’s North American employees working from home.
Your specific contribution as Director, Technology Risk Management will see you leading the Technology Risk Management program for Investment Division and Group Functions. TRM takes a broad view of information risk by overseeing vendor and contract risk assessments, assisting businesses complete Risk and Control Assessments (a view of operational risk), and working with Governance, Risk and Control (GRC) systems to track compliance and adherence. TRM also coordinates internal audits including annual third-party audits of our key controls and business as well as the regular evaluation of the controls employed by key partners (via document review and/or on-site visits). TRM works to ensure information risk management is included and embedded in key processes not limited to Software Development Life Cycles, acquisitions, Finally TRM works closely with senior management via their tracking and reporting functions ensuring timely response to questions from management, the Board and regulators.
  • Manage all IRM aspects of the vendor risk management for existing vendors and partners including completing risk assessments, doing contract reviews, tracking results, conducting onsite visits when warranted and participating in RFPs when required.
  • Leverage GRC systems to comment on draft standards, track compliance to in-force standards and policies, monitor risk exceptions and acceptances, report on vendor assessments, follow and confirm compliance to regulations, track remediation plans, etc. 
  • Advocate for and get included key IRM requirements in process and procedures including but not limited to Software Development LifeCycle (SDLC), Requests for Proposals (RFP), Requests for Information (RFI), Quality Assurance Reviews (QA), Project Lifecycle, etc. 
  • Oversee and coordinate IT audits conducted by Audit Services (including Emerging, Project and Key Risk Audits), regulators (Singapore’s MAS, Canada’s OSFI, etc.), clients and third-party auditors (Sarbanes-Oxley, SOC 1 control audits, etc.). Help in drafting responses and remediation plans. Ensure evidence is collected and shared in a timely fashion and all outstanding issues are closed on schedule as promised. Manage third-party IT audit engagements when contacted by either division. 
  • Set strategy, goals, and targets for your team and for Information Risk Management for Group Functions and Investment Division. Assist the DIRO in implementing the divisional framework to measure & report on the achievement of information risk management IRM goals.
  • Be part of an active management team who manage budget and finances, develop strategy, set goals and targets, report to senior management and strive to inspire and foster the information risk professionals on your team.
  • Collaborate with other IRM teams and professionals including the Chief Information Risk Officer, the Divisional Information Risk Officer, Audit Services, Procurement Office, and peer Technology Risk Management leads across Manulife globally. 
  • Contribute and shape divisional and global IRM projects and initiatives.  Ensure division-specific requirements and needs are accommodated whenever possible and practical in initiatives, projects and services. 
  • Additional duties as assigned.

  • University Degree (Computer Science, Business or Finance preferred).
  • Seven years or more of progressive experience in one or more of the following disciplines:  Information Technology/Systems, Information Risk Management, Project Management, Audits, Information Security ideally with some of that time spent in a large, complex organization.
  • Professional certifications or designations in security, IT auditing, risk analysis or investments a plus, but not a requirement.
  • Excellent communication skills (oral and written) including presentation skills and demonstrated ability to present at all organizational levels.
  • Innovative problem-solving skills with the proven ability to exercise flexibility and judgment.
  • Ability to learn, know and act upon what’s important to Manulife and the specific business units you support.
  • Proven ability to build relationships, engage and influence others, work with a diverse internal and international user community, as well as vendors. 
  • Strong interpersonal skills, including demonstrated ability to be sensitive and professional when communicating across geographical and cultural boundaries.
  • Effective influencing and negotiation skills with the aptitude to achieve consensus in a federated environment.
  • Proven ability to lead and manage teams to achieve business and/or risk management objectives.
  • Ability to work independently and collaboratively simultaneously, while managing multiple priorities within tight deadlines.
  • Work in tandem with multiple and diverse business units simultaneously.  
  • Articulate the IRM standards, policies and goals in a way that engages the business units to act, develop and implement plans. This may require influencing more senior levels within the organization.
  • Through strong collaboration and Influencing skills, educate the business units representatives on the imperatives of these programs so that it remains a priority within business units where resources are stretched.
About Manulife
Manulife Financial Corporation is a leading international financial services group that helps people achieve their dreams and aspirations by putting customers' needs first and providing the right advice and solutions. We operate primarily as John Hancock in the United States and Manulife elsewhere. We provide financial advice, insurance, as well as wealth and asset management solutions for individuals, groups and institutions. At the end of 2017, we had approximately 34,000 employees, 73,000 agents, and thousands of distribution partners, serving more than 26 million customers. As of December 31, 2017, we had over $1.04 trillion (US$829.4 billion) in assets under management and administration, and in the previous 12 months we made $26.7 billion in payments to our customers. Our principal operations are in Asia, Canada and the United States where we have served customers for more than 100 years. With our global headquarters in Toronto, Canada, we trade as 'MFC' on the Toronto, New York, and the Philippine stock exchanges and under '945' in Hong Kong.
Information Technology
Apply Now >>    
Link for schema


Any personal information you provide through this site will be privy only to Manulife for the purpose of evaluating your qualifications and experience. At all times, your personal information will be protected by the application of our Privacy Policy.